Flashback Trojan: Making Sure Your Mac is Safe

The Flashback Trojan poses a potential threat to Mac users with older versions of Java installed, and according to the Russia-based antivirus company Dr. Web, over 600,000 Macs have been infected. Avoiding the Trojan is fairly easy to do, and checking to see if you’ve fallen victim only takes a couple of steps.

The Flashback Trojan originally tried to trick users into giving up their account login by posing as a Flash installer, after which it would disable OS X’s built-in malware definition updater, opening the victim’s Mac to more potential attacks. A later version attempted to exploit a security flaw in older versions of Java to auto-install itself.

To avoid getting stung by Flashback, be sure the latest version of Java is installed on your Mac. Apple released a Java update on April 4 that addresses the vulnerabilities Flashback exploits.

Since you can fall victim to Flashback simply by visiting a maliciously crafted website, it’s a good idea to make sure you have the latest version of Java installed on your Mac right away. Apple’s Java update is available for OS X 10.6.8 and OS X 10.7.3 through the Software Update application, or as downloads from the Apple Support website.

Apple doesn’t include Adobe’s Flash player as part of the OS X installation, so if you need Flash, you have to download and install it yourself. Instead of clicking a link in a Web dialog that offers to install Flash for you — a common way to get hit by Flashback — go to the Adobe website and download the installer yourself.

If you think Flashback may have found its way onto your computer, the security company F-Secure offers steps to see if you are infected along with options for removing the malicious files from your Mac.

If Flashback isn’t present, you’ll see this message: The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist

Jeff’s Mac is Flashback-free

If the responses you saw were different, it’s time to follow along with the instructions on the F-Secure website. Since it’s easy for hackers to make websites that look legit, be sure your Mac is up to date and if you must run Flash, grab the installer from Adobe’s website and nowhere else.
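The check described above, as an added example that is not part of the original article or of F-Secure's instructions: a shell helper that queries the domain and key named in the quoted message and interprets the response. It assumes the quoted message is the output of `defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES`; the function names and the sample value are hypothetical.

```shell
#!/bin/sh
# Added example. Assumption: the article's "does not exist" message is what
# `defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES` prints on a clean Mac.

# Message quoted in the article (user "joe" is the article's own example).
ARTICLE_CLEAN_MSG='The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist'
# Constructed placeholder standing in for any returned value; not a real indicator.
SAMPLE_VALUE='/path/to/unknown-library'

# classify_flashback_check OUTPUT STATUS
# Prints one of: clean, suspicious, inconclusive.
classify_flashback_check() {
    out=$1
    status=$2
    case $out in
        *"does not exist"*)
            # Key is absent: nothing is injected into this user's applications.
            echo clean
            return 0
            ;;
    esac
    if [ "$status" -eq 0 ] && [ -n "$out" ]; then
        # The key exists and holds a value: a library is being loaded into
        # every application the user launches. Follow the removal steps.
        echo suspicious
        return 0
    fi
    # Empty output or an unrelated error: the check proved nothing either way.
    echo inconclusive
}

# check_flashback: run the query on this machine and classify the response.
check_flashback() {
    if ! command -v defaults >/dev/null 2>&1; then
        echo inconclusive   # not OS X, or `defaults` is not on PATH
        return 0
    fi
    out=$(defaults read "$HOME/.MacOSX/environment" DYLD_INSERT_LIBRARIES 2>&1) \
        && status=0 || status=$?
    classify_flashback_check "$out" "$status"
}

# Run the live check only when asked: sh thisfile.sh --check
if [ "${1:-}" = "--check" ]; then
    check_flashback
fi
```

A result of `suspicious` corresponds to the article's "responses you saw were different" case; `inconclusive` means the query itself failed and should be repeated by hand.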

I just checked on my MacBook Pro. Java is installed, but turned off in Safari and CyberDuck runs fine.

Bad news Lee….

If Java is enabled then a Mac is vulnerable, although if Java is off in Safari & Firefox you should be safe from malicious websites unless of course you downloaded a Java-based app from the Net…..

edit:
Actually I should have said:
Unless Java is turned off, any App you download can exploit the Java vulnerability.
(I think. I’m not a security expert or an expert in general, I’m just going off what I’ve read online)

And yes, CyberDuck now won’t run. I will look into buying Transmit or something, or just turn on Java if I need to use CyberDuck.

Annon (Guest), 6:06 PM EDT, Apr. 6th, 2012

Those who are having issues with CyberDuck might want to try FileZilla
http://filezilla-project.org/download.php
I found it was significantly better at large FTP transfers, has the right price (free) and does some very nice things like mirrored browsing.